GEN006570 - The file integrity tool must be configured to verify ACLs.

Information

ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.

Solution

If using AIDE, edit the configuration and add the 'ACL' option for all monitored files and directories.

If using a different file integrity tool, configure ACL checking per the tool's documentation.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-6a., 800-53|SI-7, CAT|III, CCI|CCI-001297, CCI|CCI-002696, Rule-ID|SV-218668r603259_rule, STIG-ID|GEN006570, STIG-Legacy|SV-63657, STIG-Legacy|V-22507, Vuln-ID|V-218668

Plugin: Unix

Control ID: 3f03567e1c6ac5d95791e895e5a3659e28a14f211398111d16777eeace388284